we wrongly mapped some efidisks into the vm, and fixed it in pve6
this potentially needs manual intervention, so warn the user about
which vms might be affected
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
on current debian buster, stock kernel images recommend
firmware-linux-free which conflict with our pve-firmware package
which leads to apt wanting to remove promxox-ve
check for the meta package in the update check script
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
If we need to add other types or increases the min size this makes it
easier as it's just a schematic definition.
Also just do a pass/fail on each cert, so drop the last "summary
pass".
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 6c7e4ab4e24592a8dfa5dac3f5047064e17254f2)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Debian Buster raised the default security level (1 -> 2) for TLS
connections.
This moves from the 80 bit security level to the 112 bit security level
and will require 2048 bit or larger RSA and DHE keys, 224 bit or larger
ECC keys, and SHA-2.
Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
(cherry picked from commit 501f8505210553093243db6d279f936498e76124)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to avoid just printing the subheader with no results
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit c4bc94bb7b019e3c5a4518eda55883bb989146c5)
and fix a typo as well
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit 388a505104eae0d8c6389b247aba7eca713b03ba)
and only fail if unable to
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(backported from commit 669211d8bbb0857275669068fcbf62560782b888)
use local copy of resolve_hostname_like_corosync instead of
pve-cluster's.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
copied from PVE 6.x's pve-cluster.
since Corosync 2.x has a different default value for ip_version, we
don't want to backport this for general usage in PVE::Corosync. the
check here needs the default of Corosync 3.x, since that is what we
upgrade to.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit be1072fb3bee0c15fbe67637289ab39adf64b6d7)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit a14a5aaf678d9f5ba6235616b091684a9042cf4a)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 71f6edacdf6f5694f10a196626b950c66665d121)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 0192b0a2c2d5e2debb8e0a3e9279e73399e288ec)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit fa1c414e265c1fe47673c069a114cbc9199d8347)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit a82c200a9e11033f0f696a0af6bb5e6d522ca883)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
As this is the state from the pmxcfs
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 88d757d0c02fe62f57432a133e222a0fbd057e4e)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 176116b22ffae4993f5b3e25977ea08c6aca4dc9)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
since we already print most of that anyway, and it is rather long.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit 3456f2fc9d3094af3a0c7bdbe7a55abfd16ff380)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
handle expected votes set to non-standard value, and try to adjust
calculations for qdevice setups.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit f6c6aa2b046b6b580855bab633a7ff1f94e3028a)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
which causes issues after upgrading to Nautilus.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit 974a1b58548eb6f63541b311166c81a46fb4dc35)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 09250673d60b34febd220944c2a904758cf91618)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we can get here if a empty (or one with just comments) ceph.conf
exists
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 153d6912879b0053af54a9218e10aa57ed43fc96)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
and adapt message a bit
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit f696b0c355d0e9400da7f10530a957ede2b4e433)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
having ipv6 enabled while not disabling ipv4 prevents
nautilus osds to start if no ipv4 network is given (because they
are trying to bind to both ip families and die if one of them
is not found)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
(cherry picked from commit 9e98f1fecf1c09811239b2c6183107a00b149de0)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
this already works on luminous, so it does not harm to add it already,
and is recommended when both msgr1 and msgr2 is activated in nautilus
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
(cherry picked from commit 4731f493c3484d5ea95dee7978678779189ef779)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
mainly because it looks strange to get a warning after the upgrade is
finished and noout has been removed again
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit 600a106ba0c47150c29f87561d480d4b89085d41)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit eb7dae8bba7f57abdf16d3843ce6716786d04bf8)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
do not suggest that we ever supported it as first class storage, it
was always just a experimental support and upstream is
EOL/unmaintained now.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 95c3dc246008b64cdc66e77f08a4862f531e7f0a)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 5a7a3630d770604a0d187190a6e9e6046048eb65)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 6e41184b1a7af21523380c7cb5080462d89bbcf4)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
list all vms with either max/host cputype or vmx/svm explicitely set
(this can only happen in the args)
give a general message if none is found at the moment (and do not warn)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
(cherry picked from commit e739e0ba6724d41f2a912796b68833ebdc8baadd)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
this is a short running script, so the version list can be re-used,
the chance that there where updates in between are slim and racy
anyway. IF getting the versions did not succeeded, we still retry on
every call though, simpler and ensures a warning is printed in the
caller check vicinity.
Makes script noticeable faster.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
only as a warning, since this will also trigger a Ceph health warning
and is easily recoverable.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
